The field of the invention is the field of data processing and particularly, secure data processing.
More specifically, the invention relates to a method for processing data in a system comprising two computers to obtain a result securely based on input data supplied by clients or users of the system.
The present disclosure is part of a substantial trend in recent years in terms of data processing, which is the increasing use of the ‘cloud’, i.e. cloud architectures, to carry out various processing operations on data regardless of their type.
However, the transfer of these operations to the cloud in turn naturally raises new issues, in particular the difficulty ensuring data confidentiality and the integrity of the operations carried out.
Various encryption techniques have been developed to address the need for data confidentiality.
Among these, homomorphic encryption techniques are particularly distinguished. Advantageously, homomorphic encryption allows processing operations applied to data be carried out on encrypted data. Nevertheless, homomorphic encryption uses ciphertexts of a very large size compared to that of the initial data. This results in a substantial increase in the quantity of computing operations to be carried out, which is naturally extremely problematic for the implementation of this technique.
Furthermore, although these techniques prove to be effective for preventing data breaches in respect of third parties, they can exhibit a limited effectiveness against certain types of players, particularly privileged players: system administrator, cloud infrastructure supplier, or more generally any person authorised to act upon processing operations.
To remedy these drawbacks, it has been proposed (see for example document Ref.2 or 4) to delegate at least a portion of the data processing carried out on homomorphic ciphertexts (such computing operations will be referred to hereinafter as ‘carried out in homomorphic mode’) in a Trusted Execution Environment, or “TEE”, type secure secondary computer. Such a computer type is defined in particular by document Ref.4.
Such computing delegation advantageously significantly reduces the quantity of computing operations to be carried out.
However, these methods which combine homomorphic encryption and the delegation of certain data processing operations with a TEE remain limited to very specific applications, for example, secure key exchange, training of a neural network with homomorphic encryption for quadratic functions and the remainder of the computing in the TEE, an aggregation method combining homomorphic computing and delegation of computing to a TEE, etc.
Furthermore, all these solutions are situated in the context of a TEE which can hypothetically be presumed to be trusted. For this reasons, these methods do not provide protective measures against an “honest-but-curious” TEE. As a reminder, in the field of cryptographic and security protocols, an “honest-but-curious” computer (also known as a passive or semi-honest adversary) is a type of adversary that follows the protocol correctly, but tries to learn as much as possible using the information available (see document Ref.4).
Finally, these solutions do not necessarily ensure computing security if the server adopts a malicious behaviour.
The aim of the present invention is that of proposing a data processing method making it possible to prevent the risks suggested above.
To this end, a data processing method is proposed wherein computing operations are carried out in a distributed manner on two computers, namely a server and a security hardware module, or TEE, the method making it possible to ensure data confidentiality including if the server adopts a malicious behaviour, whereas the TEE adopts an “honest-but-curious” behaviour.
To this end, according to the present disclosure, a method is proposed for processing data in a system comprising two computers to obtain a result using at least one input data item to be supplied by at least one emitting client, the result being computable by applying a combination of elementary operations to at least one input data item; wherein one of the computers is a server, and the other is a trusted execution environment, TEE; a first encryption and a second encryption are defined, one being indecipherable by the server, and the other being indecipherable by the TEE; the method includes the following steps:
Dec2(Dec1(Enc2(Enc1(x))))=Dec2(Enc2(x)).
In the present document, the expression ‘data under encryption’ denotes a data item which is encrypted at least using the encryption in question. The data item can optionally be under double (or triple) encryption.
The encryption being indecipherable by the server means for example that the server does not have the deciphering function, or does not have the deciphering key.
The server only processing processed data under at least the encryption indecipherable by the server means that any processed data item sent to the server is previously encrypted under at least the encryption indecipherable by the server. Similarly, the TEE only processing processed data under at least the encryption indecipherable by the TEE means that any processed data item sent to the TEE is previously encrypted under at least the encryption indecipherable by the TEE.
In certain implementations, one of the encryptions is decipherable by the server and not by the TEE, and the other of the two encryptions conversely is decipherable by the TEE but not by the server.
The TEE is a component which generally has a relatively small memory capacity. Preferably, the memory of the TEE has a capacity not exceeding 1 GB, or preferably not exceeding 512 MB (Megabytes), or more preferably not exceeding 256 MB. Naturally, it is assumed that the TEE is honest as to the processing operations it applies to the processed data.
In the method, the first computer can be the server and the second computer the TEE, or vice versa.
The central step of the method defined above is step S3. During this step, a processing operation is applied by the computers to the encrypted input data item received in step S2.
This processing includes a certain number of elementary operations.
These elementary operations successively convert the initial input data item into different processed data. The term ‘processed data item’ denotes a data item obtained using the initial data item during processing. When all the elementary operations making up the processing have been carried out, the computers obtain a ciphertext of the result. This is then sent to one or more clients (referred to as receiving clients).
Thus during the processing, the computers apply the combination of elementary operations to the received data item, which allows them to obtain the ciphertext of the desired result.
Importantly in the method, in step S3, instead of being executed on plaintext data x, all the operations carried out during the processing are executed on encrypted data [x].
Each of the computers is therefore configured to apply each of the relevant processing operations not on a plaintext data item, but on a corresponding encrypted data item. Thus, in particular, if an elementary operation consists of applying a function f to a processed data item x, according to the method, one of the computers actually applies a function {tilde over (ƒ)} to the encrypted data item [x] so as to supply as an output an encrypted result equal to the ciphertext of the result, or [f(x)]. The computer therefore actually applies a function {tilde over (ƒ)} to the ciphertext [x] of the data item x, and supplies as an output the ciphertext of the result: {tilde over (ƒ)}([x])=[ƒ(x)]. To simplify hereinafter, the function {tilde over (ƒ)} is annotated f like the function from which it is derived.
In the method generally, in a manner known per se, the operations making up the processing are executed exclusively on integers modulo a predefined maximum value T.
In the method, advantageously the data are encrypted during all of the steps (or operations) performed, whether they are performed by the server or by the TEE. Hence, this method makes it possible to carry out these steps securely, not only if the server is malicious, but also if the TEE adopts an “honest-but-curious” behaviour.
In the method, according to the implementation and unless specified otherwise, any application and any removal of an encryption to or from a data item can optionally be preceded or followed by an elementary operation modifying the processed data item.
In the present document a masking encryption includes any logical addition making it possible to modify the data item which is encrypted (using the mask), for example an addition, a logical ‘exclusive OR’ (XOR) function, etc.
In the method, any type of encryption indecipherable by the server can be used. The encryption indecipherable by the server can be thus be or can thus comprise a homomorphic, in particular fully homomorphic, encryption.
Preferably, each operation on a processed data item carried out by the server is carried out under homomorphic encryption. In this case, the server only processes data under at least one homomorphic encryption.
Thus in certain implementations, the first encryption is a homomorphic encryption and the second encryption a masking encryption, or vice versa.
To allow the computers to carry out the processing on encrypted data, the method includes support operations during which support functions are applied to the input data, the processed data or the results, each being optionally encrypted.
‘Support function’ means here a function other than said elementary operations and which:
It is understood that the support functions do not take part in carrying out elementary operations (because they are other than elementary operations), but serve only either to make it possible to carry out these elementary operations on encrypted data, or to encrypt or decipher data supplied to the computers or sent thereby, or to verify or ensure that the different operations included in the method, in particular the elementary operations, have been carried out properly.
In certain implementations, in step S3, the TEE applies to the processed data item or to the processed data only one or more support functions. The elementary operations of the processing are then for their part exclusively carried out by the server.
In certain implementations, the method includes the following steps:
Thus, using the processed data item under second encryption available in the server in step S33, the server can supply a processed data item under double encryption to the first computer. It can remove the second encryption. If the data item processed at this stage is actually the ciphertext of the result, the first computer can then send this ciphertext of the result (under first encryption) to the client which deciphers it.
Preferably, step S0235 is performed immediately following step S33, such that during step S0235, the second computer applies the first encryption to the processed data item obtained as an output of step S33. Thanks to this, when the first encryption is a homomorphic encryption, steps S33 and S0235 make it possible to carry out a reset of the noise or a relinearisation.
As the two steps S33 and S0235 are executed immediately one after the other, with no immediate operation, they constitute a deciphering/re-encryption operation. These two grouped operations, more generally, can also constitute a bootstrapping, an LHE (‘Levelled Homomorphic Encryption’) re-linearisation, or both at the same time, or any other ciphertext management operation. They can thus be operations conducted to obtain once again a ciphertext having a “fresh ciphertext” format.
The latter operation is performed normally in the case where removing then reapplying encryption makes it possible to lower the noise level in the ciphertexts, which is the case in particular for certain homomorphic encryptions (first encryptions). This operation is performed preferably if the second computer is a TEE.
In this case, thanks to the successive deciphering and re-encryption operations performed by the TEE, when there is a transencryption operation with a high expansion factor, the size of the ciphertexts sent from and to the client can be drastically reduced which results in a reduction in bandwidth consumption between the client and the server.
Furthermore, as ciphertext maintenance operations are thus delegated to the TEE, which carries them out in a much less costly manner than the server, the homomorphic computing performance of the server is considerably increased. Re-encryption makes it possible to refresh the homomorphic ciphertexts and has an equivalent effect to a bootstrapping operation but with a better resulting noise level.
In certain implementations, the method is implemented iteratively during a plurality of computing loops. One of the encryptions can moreover be a mask encryption. In this case, for the application of mask encryption during the method, the client or the computer concerned generates a mask stream; and in each computing loop, a new mask is generated and used for masking.
In numerous implementations, the encrypted result returned to the receiving client(s) following step S3 is encrypted under at least the first encryption, but this is not necessarily the case.
Thus, unlike in certain implementations of the method, during step S3, the processed data item is encrypted under an encryption other than the first encryption or is encrypted with the first encryption but with another encryption key; and the encrypted result returned following step S3 is encrypted with a different encryption from the first encryption or is encrypted with the first encryption but with another encryption key.
These implementations therefore make it possible to carry out a key switching operation securely.
According to the implementations, the receiving client(s) receiving the encrypted result following step S3, can be identical to or different from the or each of said at least one emitting client supplying the data item in step S1.
In certain embodiments, the method furthermore includes a step S0411 preceding step S2 and during which the first client applies an additional encryption, particularly symmetric, to the data item; and after the data item has been sent to the first computer in step S2, the first computer removes the additional encryption.
This additional encryption allows the transmission of the encrypted initial data item from the client to the first computer. The second encryption can thus be applied by the first computer, and not by the client. This reduces on one hand the computing operations performed by the client (applying the additional encryption, for example symmetric, can be more straightforward than applying the second encryption, typically homomorphic). Furthermore, this does not require the client to have the encryption key of the second encryption, and reduces communication costs.
In certain implementations of the method, during an operation S0533, the TEE removes the first encryption, referred to as initial first encryption, which can in particular be a masking encryption, of the processed data item; and
In this implementation, the client applies an initial first encryption to the data item which it sends to the first computer. During steps S0533 and S0535, the initial first encryption will be removed, then replaced by the final first encryption. Therefore, the latter will be deciphered by the client in the final step S4. This implementation therefore makes it possible to carry out a transencryption, and in particular, optionally, replace a masking encryption by a homomorphic encryption.
In this implementation, the TEE is preferably the first computer.
In step S2, the input data item under initial first encryption is first sent to the server.
After receiving this data item, during a step S0531, the server applies to the processed data item the second encryption, which is a masking encryption and sends it to the TEE, encrypted under this second encryption.
After following step S0535a, the processed data item under final first encryption and under second encryption has been sent to the server, during a step S0536, the server removes the second encryption (masking encryption). All or part of the elementary operations can be performed by the server only after carrying out step S0536.
In certain implementations of the method, the first encryption applied in step S1 is homomorphic encryption, referred to as first homomorphic encryption; during a step S0633, the TEE removes the first homomorphic encryption from the processed data item;
This implementation makes it possible to carry out a transencryption, the first homomorphic encryption being replaced by the second homomorphic encryption by the TEE during steps S33 and S35.
In certain implementations of the method, the combination of elementary operations includes N elementary operations of order j, j=1 . . . N; step S3 includes the execution of a plurality of computing loops, iteratively; in each loop of index j, j=1 . . . N, steps S1, S31, S32 and S33, a step S0730, a step S0735 and a step S0736 are carried out as follows:
Moreover, the security of the processing carried out by the computers can be increased when a verifiable computing protocol is known for the processing to be carried out.
The case where a verifiable computing protocol is defined, and makes it possible to verify the result by carrying out an elementary verification for each of said elementary operations is considered more particularly.
Let us take the case where the first computer is the server, and the second computer is the TEE. A tag computing function is defined in the context of the verifiable computing protocol, this function being commutative with the elementary operations gj (for the composition of functions o).
The first computer is the server, and the second computer is the TEE.
A tag computing function is defined in the context of the verifiable computing protocol, this function being commutative with the elementary operations.
The method then includes the following steps:
Thanks to a signature, verification and, optionally, homomorphic re-encryption operation in the TEE, a schema is constructed which establishes step by step that all the ciphertexts handled are either generated by the TEE (which, as owner of the secret homomorphic key is not an attacker on the homomorphic schema), or generated by applying legitimate homomorphic operators to ciphertexts generated by the TEE. Therefore, there is no possible CCA adversary for homomorphic encryption, which gives a stronger security level.
A signature is here any value attached to a message and which makes it possible to prove the integrity thereof: Using the message, the signature makes it possible to verify that it has not been altered. A signature is generally obtained in cryptography using a hash of the message, for example using a known public-key signature function such as RSA or ECDSA.
Moreover, certain implementations exploiting the commutativity of the two encryptions make it possible to carry out computing operations with increased security, and in particular benefiting from protection against CCA attacks.
Thus, in certain implementations of the method, the first computer is the TEE;
The verification performed during the loop K makes it possible to detect a CCA attack taking place during the loop J.
Furthermore, in certain variants of these implementations, in a step S31b of the loop J, the first computer obtains signatures for two encrypted data items computed in step S31 performed for the iteration j=J or in a previous iteration;
Thanks to the verification operation, performed preferably in a TEE, the validity of the computing carried out by the server can be ensured for the client with a lower additional cost than with conventional protocols.
Certain alternative implementations above, also aimed at carrying out computing operations more securely against CCA attacks, use adapted encryption schemas, such as the Paillier encryption schema.
In these alternative implementations of the method, the first computer is the TEE;
In the implementations described above, thanks to the verifiable cryptographic schema, it is then possible to perform the verifications described above systematically, for each of the operations of the combination of elementary operations (unless this verification is not necessary for certain types of elementary operations, for example for additions).
In this case, this systematic verification makes it possible to provide proof that the computing performed benefits from CCA security.
Other advantages, aims and particular features of the present invention will appear from the following non-limiting description of at least one particular embodiment of the devices and methods according to the present invention, with reference to the appended drawings, wherein:
By way of non-limiting embodiment examples, different implementations of the data processing method according to the present disclosure will now be described.
Each of these implementations involves the following three entities: a group of at least a client, a server and a TEE.
Any type of computer can be considered as forming the server. However, the server is preferably a computer having high computing capacities.
In the data processing method according to the present disclosure, each of the computers executes its assigned processing operations on encrypted data. These data are encrypted with an encryption indecipherable by the computer, such that it does not have access to the information contained in these data. This encryption can in particular be a homomorphic encryption or a masking encryption.
The encryption and deciphering functions are annotated respectively EncXX1, EncYY2, . . . and respectively DecXX1, DecYY2, . . . , where ‘1’, ‘2’ are indices; XX and YY indicate the type of encryption used: for example HE for a homomorphic encryption, S for a symmetric encryption, and M for a masking encryption.
The encrypted data are annotated between square brackets in the form [x]1, where ‘1’ is the index of the encryption function used (here: Enc1). The notation [x]1,2 indicates a data item x which has been encrypted successively with the first encryption function Enc1, followed by the second encryption function Enc2.
The steps of the method, in the different implementations described, are annotated in the form Sffnn, where ff refers to the number of the figure wherein the implementation is described, and nn is a step number assigned to the step in question. In the different implementations described, as much as possible, corresponding steps bear the same step number.
Each of the implementations described is aimed at obtaining a result, F(x) or F(x,y), which can be obtained (or equivalently, which is calculable) by applying a function F to at least one input data item x, or in certain cases to several input data items x, y, etc., as in the third implementation described hereinafter with reference to
This function F is broken down into a certain number of elementary computing operations, or elementary operation (each potentially having any level of complexity).
In the examples developed here, these elementary operations are represented by functions, annotated here f, g, h, or also gj for the case where a function (gj) is invoked iteratively, in a loop, by the computing method.
Naturally, the data processing method proposed is applicable to functions F that can be broken down into elementary operations f such that they can be transposed and executed by computer on the ciphertexts of the data. This condition is not limiting if the encryption schema is a fully homomorphic encryption, but must be taken into account in other cases, for example for a merely partially homomorphic encryption, for example merely additive or multiplicative.
In a first implementation of the method described by way of example, it is sought to compute a result F(x) using an input data item x supplied by a client CL1.
In this implementation, the function F is broken down into two elementary operations f and g: F(x)=f(g(x)).
To compute F(x), the following operations are carried out:
In step S1 (step S0101, in
The client CL1 then applies a first encryption Enc11 to the data item x; in this example, Enc11 is a fully homomorphic encryption.
In step S0102, the first client CL1 sends the data item [x]11, encrypted under encryption Enc11 to the server.
As the data item [x]1 is encrypted under the encryption Enc11, the deciphering key of which is unknown to the server, the server is incapable of accessing the information contained in the data item [x]1.
In step S0130, the server carries out a first elementary operation, g, consisting of applying a function g to the received data item [x]11, and thus obtains the data item g([x]11). When the encryption Enc11 is commutative (in the sense of the composition function o) with the function g, this value is equal to [g(x)]11, as shown in
Then in step S31 (S0131), the server applies a second encryption, Enc2, to the data item [g(x)]11, which therefore becomes the data item [g(x)]11,2.
When the first encryption Enc11 is a fully homomorphic encryption, any type of encryption may be used as second encryption Enc2.
In the implementation shown in
In step S32 (S0132), the server sends the data item [g(x)]11,2, encrypted under double encryption Enc11 and Enc2 to the second computer, the TEE.
As the data item [g(x)]11,2 is encrypted under the second encryption (i.e. masked), the TEE is incapable of accessing the information contained in this data item.
In step S33 (S0133), the TEE removes the first encryption (removes the layer of homomorphic encryption) from the data item [g(x)]11,2, and thus obtained a data mask [g(x)]2, still masked by the mask m.
In most of the variants of this implementation, the computing method then continues with the TEE carrying out step S0135 (described hereinafter), based directly on the data item [g(x)]1,2.
However, an intermediate computing step S0134 of applying a function f to the data item [g(x)]2 produced by the operation S33 can be provided when the function f and the second encryption/deciphering function (generally, by masking) are commutative for the function composition law (function ‘o’; f o g (.) is also annotated f(g(.))).
In this case, as shown in
It is assumed hereinafter by way of example that in the implementation described, step S0134 is carried out.
In step S0135, the TEE applies an additional encryption Enc12 (a homomorphic encryption) to the data item [f(g(x))]2, and thus obtains the intermediate encrypted data item [f(g(x))]2,12, which it sends encrypted under double encryption (homomorphic and masked encryption) to the server.
In step S0136, the server then removes the second encryption by applying the deciphering function Dec2 applied to the intermediate encrypted data item [f(g(x))]2,12, i.e. by removing the mask m, and obtained an intermediate encrypted data item [f(g(x))]12 under the additional encryption Enc12.
The server then ends step S3 (S0103) by sending the encrypted result [F(x)]12, to the client CL1.
In step S0104, the client CL1 deciphers the encrypted result [F(x)]1, i.e. applies the deciphering function Dec12 to it, and thus obtains the result F(x).
In this implementation, the second computer is a TEE. As the second computer must be capable of removing and applying homomorphic encryption (in steps S0133 and 0135), the choice of a secure computer such as a TEE as second computer makes it possible to carry out the encryption/deciphering functions Enc12 and Dec12, using for example a pair of symmetric keys, which makes it possible to execute these functions under satisfactory security conditions.
The additional encryption Enc12/Dec12 can be the same encryption as the first encryption Enc11/Dec11, with the same encryption key or not. It can also consist of two different encryptions.
In this implementation, the TEE removes the homomorphic encryption (DecHE11, step S0133) and applies the additional encryption (Enc12, step S0135): these are two examples of support functions applied by the TEE. Step S0133 contributes to the execution of homomorphic computing operations by the server. Step S0135 serves to encrypt results sent to the client. It is noted that the server also carries out support functions, for example in step S0136. Moreover, in this embodiment, in step S0134, the TEE carries out an elementary operation, which is not a support function.
In the second implementation, illustrated by
In this second implementation, the function F to be computed is broken down into a plurality of elementary operations gj, where j=1 . . . N, as follows:
The elementary operations gj are applied successively to the current data item iteratively by repeating a computing loop N times.
In each iteration of index j, the first computer, the server, applies an elementary function gj to the current processed data item gj−1 (gj−2 (gj−3 ( . . . (g1(x)))))). To simplify, in the present document, the processed data item gj (gj−1 (gj−2 ( . . . (g1(x)))))) conventionally is annotated gj(x).
As the number of elementary operations gj to be applied can be very high, it may be necessary for certain encryption schemas to reset the noise periodically. This relates in particular to the case where the first encryption is a homomorphic encryption wherein a noise component is integrated in the homomorphic ciphertext: it is then necessary periodically to reset the noise (so-called ‘Bootstrapping’ operation) (for more details, refer to Ref.2).
This second implementation of the method provides a solution for this reset. The TEE in this case advantageously is used to carry out the reset operation. In each iteration, the server applies an elementary function gj to the data item, and the TEE performs a noise reset operation.
The operations carried out in the second embodiment are the same as those performed in the first implementation apart from the following points:
The main difference is that, as the function F is broken down into N elementary operations gj, following step S0236 of removing the second encryption (removing the mask m)(comparable to the function S0136 of the first implementation), in the second implementation, there are two possibilities:
If the index j is strictly less than N, the ciphertext [gj (gj−1 (gj−2 ( . . . (g1(x))))))]1 computed in step S0236 by the server is then supplied as an input data item for the following iteration of the computing loop (composed of steps S0230, S0231, S0232, S0233, S0235, S0236).
Conversely during the last iteration, wherein the index j is equal to N, the ciphertext [gN (gN−1 (gN−2 ( . . . (g1(x))))))]1 computed in step S0236 by the server, and equal to the ciphertext of the result [F(x)]1, is then sent to the client CL1. This then deciphers this ciphertext and thus obtains the result (step S4).
However, in one variant, during the last computing loop (j=N), once step S0230 is carried out, instead of carrying out steps S0231, S0232, S0233 and S0235 to allow the noise reset operation, the server sends the result obtained in step S0230 directly to the client CL1 (dotted arrow in
In each iteration, the elementary computing operation S0230 (application of a function gj) by the server is therefore followed by noise reset operations S0233 and S0235 by the TEE.
The function of the TEE is therefore only to remove then reapply homomorphic encryption, by applying the functions DecHE1 and EncHE1, which are two support functions: unlike the first implementation, the TEE only carries out support functions, and does not carry out an elementary computing operation f; there is no comparable step to step S0134.
Advantageously, in particular in encryption schemas based on the LWE problem, the encryption and deciphering operations can be extremely fast, which means that the processing operations (operations S0233, S0235) carried out by the TEE only slow down the computing operations carried out by the server negligibly.
In certain implementations, the mask m is a mask supplied to the server by the client CL1 in a keystream. In this case, the second encryption performed in step S0231 in each iteration of index j uses a mask mj having a specific value in the iteration of index j.
A third implementation, also illustrated by
The difference between the second and the third implementation is that whereas in the second, the TEE carries out a noise reset operation, by contrast in the third implementation, the TEE carries out a relinearisation of the encrypted data item [gj (gj−1 (gj−2 ( . . . (g1(x))))))]1,2.
This relinearisation advantageously makes it possible to modify the encrypted data item: the relinearisation operation makes it possible to restore the form of the encrypted data item, and return it to the form of the initial ciphertexts or ‘fresh ciphertexts’. The TEE advantageously is used to perform the relinearisation operation.
The encryption schemas for which a relinearisation is required can in particular be LHE (‘Levelled Homomorphic Encryption’) level type schemas, such as BGV and BFV for example.
A fourth implementation, illustrated by
In the example, only the case of two variables x and y supplied respectively by two clients CL1 and C2L has been considered, but the method is applicable to any number of variables, supplied respectively by any number of clients CL1 . . . CLN.
In the example described, the function F is broken down into elementary operations as follows: F(x,y)=h(f(g(x)),y)).
The operations carried out in this embodiment are the same as those performed in the first implementation apart from the following points:
During the initial operation S1 (S0301), two clients CL1 and CL2 (and not only the client CL1) supply an input data item, respectively x and y, for data processing.
Each of these two data items is encrypted: A first encryption Enc11 is applied to x by the client CL1, and another ‘first encryption’ Enc12 is applied to y by the second client. The encryptions Enc11 and Enc12 are different or not from each other; they can also have the same encryption schema, but with different keys.
The encrypted data obtained [x]11 and [y]12 are then sent to the server (step S0302).
The following operations S0330, S0331, S0332, S0333, S0334, S0335 and S0336 are then substantially identical to the operations of the same step number performed in the first implementation.
It should be noted however that in step S0335, the first encryption applied is that used by the second client CL2, so as to prepare the supply to this second client, at the output of the server, of a processed data item encrypted under the first encryption Enc12 which is that used by the client CL2.
Moreover, following step S0336, instead of the result being sent directly to the client (CL2) (as in step S0136), an elementary operation h is previously applied (step S0337). This operation h uses as input data the encrypted data item [f(g(x))]12 and the encrypted data item [y]12, and supplies as an output a ciphertext of the result [F(x,y)]12.
This ciphertext of the result [F(x,y)]12, is then sent to the client CL2. This then deciphers this ciphertext and thus obtains the result (step S4).
In this example, the variable y is only involved in a computing phase wherein the variable x has already undergone two successive processing operations g and f, having made it possible to obtain f(g(x)). That being said, naturally any form is possible for the function F; in particular the variable y could be combined with the variable x from the first computing phase.
Moreover, in this implementation, the function g is applied to the data item x in a first elementary operation carried out by the server, and is followed by a second elementary operation f carried out by the TEE. The third elementary operation is once again an operation carried out in the server.
It is understood that as a general rule, any distribution of elementary operations between the two computers can be envisaged. Thus the data item processed in each of the computers can be dependent on all or part of the input variables (x and y in this example). Furthermore, although this is not the case in this implementation, in certain implementations, the computing can involve iterative computing operations between the two computers, as in the implementation illustrated by
The specificity of the fourth implementation, besides the fact that several input data items are supplied by the different clients (CL1 and CL2) at the input of the method, is that the method makes it possible to carry out a transencryption when the encryption schema Enc11/Dec11 is different from the schema Enc12/Dec12. The method makes it possible that using an encrypted data item x as an input with the homomorphic encryption schema Enc11, the client CL2 which receives the result as an output receives the result encrypted with another encryption schema, the schema Enc12/Dec12. It will be noted that the second client CL2 could optionally be the client CL1, then having two encryption schemas.
While in this implementation, the homomorphic encryption schemas use pairs of asymmetric keys, the TEE uses the private key of the homomorphic encryption schema EncHE11; and to encrypt the data item under encryption Enc12 in step S0335, the TEE has the public key of the encryption schema Enc12 and does not need the private key of the client CL2.
In a fifth implementation, illustrated by
The operations carried out in this embodiment are the same as those performed in the first implementation apart from the following points:
Firstly, in step S1 (S0401), the client CL1 after applying the first encryption EncM1, which is a masking encryption, applies another encryption EncS. In this implementation, this other encryption is a symmetric encryption (EncS,DecS), which represents neither the first encryption nor the second encryption in the sense of the present disclosure. This symmetric encryption EncS is an additional encryption, used to guarantee the confidentiality of the data item sent with respect to the server. Although the data item [x]1,s in this implementation sent directly by the client to the TEE (as the first computer), in other implementations, this data item can be sent via the server (in particular because in practice the TEE is most often integrated in the server).
After successively applying the first encryption EncM1 and the symmetric additional encryption EncS, the client CL1 sends the encrypted data item [x]1,s to the first computer, which is the TEE and not the server, unlike the first implementation.
On receipt of the data item [x]1,s, the TEE firstly removes the symmetric encryption (by applying the function DecS)(step S0430).
The following steps S0431, S0432, S0433 and S0434 are then carried out similarly to the stems of the same step numbers of the first implementation (with the important difference that the first computer is now the TEE, and that the second computer is the server):
The TEE applies the second encryption (EncHE2) to the data item (step S0431) and obtains the data item [x]1,2, which it sends to the server (step S0432).
The server removes the first encryption from the data item (step S0433), then performs elementary operation S0434 during which it applies the function f to the data item [x]2. This ciphertext of the result [F(x)]2 is thus obtained, which it sends to the client CL1. The client then removes the second encryption (by applying DecHE2, operation S4 (S0404) and thus obtains the result F(x).
In this implementation, the first encryption EncM1 is a masking encryption. Applying this encryption therefore consists of adding a mask m to the data item. In the present case, this therefore consists of replacing the current data item x by the sum x+m. This gives: [x]1=x+m.
To allow the server to remove this encryption, the mask m is shared between the client CL1 and the server. Conversely, as the data item [x]1,s is encrypted using this mask m before being sent to the TEE, the latter cannot know the content of the processed data item sent to it: masking encryption is indecipherable for the TEE.
Moreover, in order to be able to apply the second, homomorphic, encryption EncHE2, the TEE has the public key of the latter encryption, the client CL1 having for its part the corresponding private key to be able to remove this encryption (Function DecHE2).
In the 6th implementation, it is also sought to compute a result F(x) using an input data item x; the function F constitutes per se a single elementary operation F.
This 6th implementation makes it possible, like the 5th implementation, to carry out a transencryption. This implementation is illustrated by
In this 6th implementation, the operations carried out are substantially identical to the operations of the same step number carried out for the 1st implementation, with nonetheless the following specificities or sometimes differences:
In step S1 (S0501), the first encryption Enc11 applied is not a homomorphic encryption, but a masking encryption: The encrypted data item [x]11 is defined by: [x]11=x+m1, where m1 is a first mask which is unknown to the server and therefore indecipherable thereby.
The data item [x]11 is then sent to the server in step S2 (S0502).
In step S31 (S0531), the server applies to the data item a second encryption EncM2 which in this implementation is also a masking encryption. The data item obtained, [x]11,2 is then sent to the TEE (step S0532).
In step S0533, the TEE removes the first encryption (i.e. applies the function Dec11, by subtracting the value of the first mask m1).
Then in step S0535, the TEE once again applies an encryption decipherable by the client CL1, namely a fully homomorphic encryption, via a function Enc12, and sends the result [x]2,12 to the server.
In step S0536, the server removes the second encryption (function DecM2) and obtains a ciphertext of the processed data item [x]12.
Then, in step S0537, the server applies the function F to the ciphertext [x]12 and obtains the homomorphic ciphertext of the result, [F(x)]12.
It then sends this ciphertext [F(x)]12 to the client, which deciphers it and thus obtains the result F(x) in step S4 (S0504).
A 7th implementation, illustrated by
This 7th implementation is similar to the implementation of
The function F, as in the first implementation, is broken down as follows: F(x)=f(g(x)).
Steps S0601, S0602, S0630, S0631, S0632, S0633, S0634 and S0635 are substantially the same as the steps of the same step numbers of the first implementation, mutatis mutandis.
In particular, step S0634 can only take place if the function f and the second encryption/deciphering function are commutative for the function composition law.
In step S1 (S0601) as in the first implementation, a fully homomorphic encryption is applied by the function EncHE11.
The encryption EncHE12 can in particular be a symmetric encryption.
Furthermore, following step S0635, in the 7th implementation, the TEE sends the encrypted result [F(x)]2,12 directly to the client CL1 (This encrypted result [F(x)]2,12 could transit via the server, because the encryption EncHE12 is not decipherable by the latter).
In the 7th implementation, finally, in step S4 (S0604) the client CL1 therefore carries out a double deciphering, firstly by applying the function DecHE12, then by applying the function DecM2. It thus obtains the result F(x) in plaintext.
The 8th implementation, illustrated by
This implementation is applicable when there is for the computing to be carried out a verifiable computing protocol for verifying the results of all the computing operations carried out during the elementary computing operations. In this case, the computing is distributed as follows: the elementary operations are performed by the server, in particular under fully homomorphic encryption; each of these elementary operations is verified by the TEE.
This protocol makes it possible to verify that the computing is executed in a conforming way by performing a verification operation for each of the elementary operations performed.
Examples of verifiable computing protocols are cited for example by document Ref.5.
The integrity of the operations carried out in the TEE can for its part also be guaranteed, using a remote attestation method.
When these measures are adopted, advantageously the computing method makes it possible not only to ensure data confidentiality, but also computing integrity.
An example of implementation of the method, indicating the verifications to be carried out is represented schematically by
In this implementation as in the 2nd implementation, the function F to be computed is broken down as follows:
Hence, the elementary operations are carried out iteratively by performing the same computing loop N times: each computing step by the server makes it possible to apply, during a loop of index j, an elementary function gj to the current data item gj−1 (gj−2 (gj−3 ( . . . (g1(x)))))), also annotated conventionally, to simplify, gj−1(x).
The operations carried out within the scope of this implementation comprise overall the operations (or steps) of the second implementation, to which additional verification operations are added.
A verification is therefore carried out for each elementary operation, during each of the successive computing loops.
Thus in this implementation, the following operations are carried out:
In step S0701, the client CL1 supplies an input data item x. It computes a ciphertext [x]1 of this data item x for a first encryption EncHE1 (EncHE1 is a fully homomorphic encryption).
The ciphertext [x]1 is also used to compute a tag of the ciphertext [x]1 of the input data item, annotated tag([x]1), referred to as data tag.
A tag denotes here a value, also referred to as a label, which is computed from an initial data item and retained so as to then allow the authentication of the initial data item or keep a record thereof, within the scope of a verifiable computing verification protocol.
The data tag tag([x]1), like all the tags mentioned here, is computed by a tag computing function π.tag, within the scope of a verifiable computing protocol π. This protocol is determined according to the computing to be carried out in order to allow the verification thereof.
In parallel, during successive steps S0701a, the client CL1 generates an encryption keystream. In each iteration of the computing loop which will be described hereinafter between the two computers, the server and the TEE, the client CL1 generates a new key value mj in a step S0701a. Furthermore, using this key value mj, also in each step S0701a, the client CL1 also computes a key tag tag(mj).
Thus, in each iteration of the computing loop of index j (j=1 . . . N), the client CL1 sends the server the new computed key mj and the associated key tag tag(mj).
Sending the keys mj allows the server to carry out the operations of applying and removing the second encryption (EncM2, DecM2) to the processed data item in steps S0731 and S0736 described hereinafter.
Similarly, sending the key tags tag(mj) allows the server to carry out the operations of applying and removing the second encryption (EncM2, DecM2) to the data tags in steps S0731a and S0736a described hereinafter.
In step S0702, the client CL1 sends the server the encrypted data item [x]1 and the data tag tag([x]1).
On receipt of the received information (encrypted data item [x]1, tag thereof tag[x]1, keys mj, key tags tag(mj)), the server and the TEE progressively compute the result F(x) by carrying out N computing loops, as follows in step S3 (S0703).
In each loop of index j (j=1 . . . N), the server carries out an elementary operation gj, by applying a function gj to the processed data item received as an input (step S0730). In the 1st iteration, the data item received as an input is the encrypted data item [x]1; in subsequent iterations, the data item received as an input in step S0730 is an iteration of index j is an intermediate processed data item [gj−1(gj−2( . . . g1(x)))))]1 computed during a deciphering step S0736 which will be described hereinafter.
In parallel, in a step S0730a, the server once again applies the function gj, but this time it applies it successively, in the 1st iteration, to the data tag tag([x]1) of the (initial) encrypted data item [x]1; then, in subsequent iterations of index j, to the successive data tags of the intermediate data tags tag([gj−1(gj−2( . . . g1(x)))))]1), also annotated tag([gj(x)]1) computed during deciphering steps S0736a which will be described hereinafter.
The tag computing function is commutative with the elementary operations gj; hence, the result can be written indiscriminately as g;(tag([gj−1(gj−2( . . . g1(x)))))]1) or tag([gj(gj−1(gj−2( . . . g1(x)))))]1), also annotated tag([gj(x)]1).
The result [gj(gj−1( . . . g1(x)))))]1, also annotated [gj(x)]1 obtained in step S0730 is then encrypted by masking in step S31, with the mask mj, which constitutes the application of a second encryption (function EncM2).
In parallel, using the tag (tag[gj(x)]1)) obtained in step S0730a and the tag tag(mj) of the mask mj, the server computes the tag of the ciphertext under double encryption of the data item (tag([gj(x)]12)) in step S0731a, which requires the application of the second encryption to the processed data item (function EncM2).
All the data processed by the server which are functions of the input data item x are under first encryption EncHE1 and hence are indecipherable for the server, which is incapable of accessing the information contained in these data.
The server then sends the TEE in parallel the data item [gj(x)]1,2 and the data tag tag([gj(x)]1,2), both under double encryption in step S32 (S0732).
In step S0732a, the second computer, the TEE, then performs a verification of the computing carried out according to the verifiable computing protocol, based in particular on the ciphertext of the data item [gj(x)]1,2 and the associated tag tag([gj(x)]1,2).
This verification can in some cases include the following verification: the TEE computes at its end the data tag tag([gj(x)]1,2) using the data item [gj(x)]1,2 under double encryption, and verifies that the tag obtained is identical to that received in step S0732.
If the verification result is negative, the data processing is stopped and a warning message is sent.
Conversely, the verification result is positive, the TEE continues the processing.
For loops of index j<N:
If the verification performed in step S0732a indicates that the processing is performed in keeping with expectations, the TEE then removes the first encryption (applies the function DecHE1) of the data item [gj(x)]2,1, i.e. it subtracts the mask mj, and thus obtained the data item [gj(x)]2 in step S33 (S0733).
The TEE then once again applies the first encryption (applies the function Enc1) to the data item [gj(x)]2, i.e. it adds a new mask mj, and thus obtains the data item [gj(x)]2,1 (step S0735).
The TEE then sends this data item to the server as an input data item to allow the execution for the index j+1 of step S0736.
In step S0736 (in the loop of index j+1), the server removes the second encryption (applies the function DecM2) of the data item [gj(x)]2,1 and therefore obtains the data item [gj(x)]1, which will serve as input data item for step S0730 of the next iteration.
In parallel, following step S0735, the TEE computes a new data tag tag([gj(x)1,2]) (step S0735a). It then sends this tag tag([gj(x)1,2]) to the server as an input data item for the execution of step S0736a for the loop j+1.
In step S0736a (in the loop of index j+1), the server computes the data tag for the unmasked data item (from which the second encryption has been removed by applying the function DecM2) using the received data tag tag([gj(x)]1,2.
The current index of the computing loop then switches to j+1.
The computing loop of index j+1 then starts by executing in parallel steps S0730 and S0730a, on the basis respectively of the data item [gj(x)]1 and the data tag tag([gj(x)]1).
During the Loop of Index j=N
If the index j is equal to N, at the end of step S0732a, the server sends the client CL1 the data item [gN(x)]12, i.e. [F(x)]12.
In parallel, once step S0732a has been carried out, during a step S0735b, using the data item [gN(x)]1,2 obtained and verified in step S0732a, the TEE computes a signature sig([gN(x)]1,2) of the data item obtained, and sends it to the client CL1 (optionally, via the server). This signature is computed so as to make it possible to prove that the returned encrypted data item is indeed the encrypted data item obtained, once all the constituent elementary operations of F have been performed.
This signature as well as the data item [gN(x)]1,2 are therefore sent to the client CL1, optionally via the server.
The client CL1 then carries out step S4 (S0704), which includes three sub-steps S0741, S0742 and S0743.
In step S0741, the client CL1 verifies using the signature sig([gN(x)]1,2) that the returned encrypted data item [gN(x)]1,2 is indeed the encrypted data item expected following the computing operations. If the verification result is positive, computing is continued in step S0742; otherwise, it is interrupted and a warning message is sent.
In step S0742, the client CL1 removes the second encryption from the data item and obtains the data item [gN(x)]1.
In step S0743, the client CL1 deciphers the data item received [F(x)]1, i.e. removes the first encryption therefrom, and thus obtains the result F(x)=gN(x).
In this implementation, the TEE only carries out support functions. Indeed, the tag computing and verification functions applied during steps S0732a and S0735a are functions serving to verify the homomorphic computing operations carried out by the server; the deciphering/encryption functions carried out in steps S0733 and S0735 are functions contributing to the execution of the homomorphic computing operations by the server; and the signature computing function carried out in step S0735b is a function serving to prepare a verification data item serving to verify the results sent to the client CL1.
A 9th implementation relates to the case where it is sought to carry out the computing securely in relation to a Chosen Ciphertext Attack (CCA).
In this aim, the method is implemented in two phases illustrated respectively by
A 10th implementation will subsequently be described, which makes it possible to secure the processing in the same way, but this time using the Paillier cryptosystem.
For the 9th implementation firstly,
The preparation phase includes the following steps:
In step S1 (S0801), the client (emitting client) CL1 supplies a data item x to serve as input data item for the computing.
It applies a first encryption EncM11 to it, by masking, in this instance by adding a first mask m1.
It then applies an additional encryption EncM12 to it, also by masking, by adding a second mask m2. This additional encryption EncM12 is neither a first nor a second encryption in the sense of the present disclosure. As in the 5th implementation, this encryption EncM12 is an additional encryption used to guarantee the confidentiality of the data item sent with respect to the server. In this implementation, the encrypted data item obtained following the two encryption steps is sent by the client to the TEE (as the first computer) via the server, which justifies the need for this encryption EncM12 indecipherable by the server (the encryption EncM11 being for its part indecipherable by the TEE).
In step S2 (S0802), the client CL1 sends the data item [x]11,12 under double encryption to the first computer, the TEE (The TEE is indeed the first computer because it is the computer which will encrypt the data item under a second encryption in step S31, the server conversely in step S2 only sending the TEE the data item received from the client).
Then in step S3 (S0803), using the data item received in step S2, the server and the TEE compute a ciphertext [F(x)] of the computing result, and send this result to the receiving client which is the client CL1.
In step S4 (S0904) the client CL1 deciphers the ciphertext of the computing result [F(x)] and obtains the sought result F(x).
Step S3, represented essentially in
The function F, in this implementation, includes a certain number of input data items. In the example described, only the supply of two input data items x and y to the computing process has been represented in
As stated,
Before being sent to the TEE, the data item y is previously encrypted under the first encryption Enc11 by the server in step S0801a.
The data items [x]11,12 and [y]11 are sent to the TEE, respectively by the client CL1 and the server.
On receipt of the data item [x]11,12, the TEE removes the additional encryption (applies Dec12), i.e. removes the mask m2 from it (step S0830).
In step S31 (S0831), in parallel, the second encryption EncHE2, a fully homomorphic encryption, is applied to the data items [x]11 and [y]11.
The data under double encryption obtained [x]11,2 and [y]11,2 are then signed (step S0831b).
The data under double encryption [x]11,2 and [y]11,2 and their signatures G([x]11,2) and a([y]11,2) are sent respectively to the TEE in step S32 (S0832).
These data serve as input data for the elementary operations carried out in a loop, during successive iterations, by the server in conjunction with the TEE, as shown in
In
Therefore, the case where two input data items [z]11,2 and [z′]11,2, each under double encryption EncM11 and EncHE2, are supplied as an input to the TEE is considered. The first encryption is a masking encryption: the data item z is encrypted with the mask m and the data item z′ with the mask m′.
The TEE computes signatures a([z]11,2) and a([z′]11,2) for these data (step S0931b). Each of these data in conjunction with its signature is then sent to the server in step S32 (S0932).
In step S33 (S0933), the server removes the first encryption from these data and their associated signatures by applying DecM11.
It then carries out an elementary computing operation (operation S34). This operation can for example be the multiplication of the two data items z and z′, i.e. computing of a new data item [z″]2=[z]2*[z′]2. This multiplication is carried out between homomorphic ciphertexts.
Using any known computing integrity proof method, a proof π([z″]2) of the integrity of the elementary computing operation performed in step S34 is then computed.
This proof confirms that there are masks (m, m′, m″), applied to the data (z, z′, z″), such that
The encrypted data item [z″] is then encrypted again under the encryption EncM11 (step S0934a): a mask m″ is added to it.
Following the encryption operation performed in step S34a, the following elements are sent to the TEE with a view to a verification operation S0934b: The input data of the operation S34 and their signatures, i.e. [z]11,2, [z′]11,2, a([z]11,2), a([z′]11,2); and the data obtained as an output: [z″]2,11, π([z″]2).
On receipt of these elements, in step S0934b, the TEE performs the following verifications: it verifies the authenticity of the first data item [z]11,2 in relation to its signature a([z]11,2), the authenticity of the second data item [z′]11,2 in relation to its signature a([z′]11,2), then verifies the authenticity of the data item obtained as an output [z″]2 with respect to the proof of the result, π([z″]2). (Further verifications can be performed according to the security constraints to be observed by the data processing method).
If the result of these three verifications is positive, the TEE removes the second encryption from the data item [z″]11,2 (DecHE2, operation S0936).
The processing subsequently applied is dependent on whether the elementary operations are completed or not:
In the first case, i.e. if the index j is strictly less than N, the set of elementary operations (function gj) has not been performed completely. The data item [z″]11 under first encryption is again encrypted under second encryption EncHE2, homomorphic encryption, to allow the continuation of the data processing (step S0931).
After having applied the second encryption EncHE2 again in step S0931, the TEE signs the result [z″]11,2 (operation S0931b) and sends the server for the remainder of the calculations the data item [z″]11,2 under double encryption and its signature.
Conversely, if the index j is equal to N, the data item [z″]11 under first encryption is the computing result [F(x)]11, encrypted under first encryption. This result is re-encrypted under the additional encryption EncM12 (step S0937), then is sent under double encryption to the client. Applying the additional encryption EncM12 guarantees that the result sent to the client cannot be understood by the server. This result can therefore optionally be sent via the server.
During the different loops, thanks to the successive operations of the support functions DecHE2 and EncHE2 for removing and applying the second, homomorphic, encryption (operations S0936 and S0931), the noise level is reduced in the encrypted result [z″]11,2 ultimately re-sent to the server, which allows the continuation of the computing iterations.
In the second case above (j=N), on receipt of the result [F(x)]11,12 under double encryption, the client removes the additional encryption (Dec12) and the first encryption (Dec11) and thus obtains the result F(x) in step S4 (S0904). As the second encryption, i.e. the homomorphic encryption, has been removed by the TEE, this avoids the client doing so: the client only has to carry out much simpler operations of removing masks (Dec 11 and Dec 12).
Note: In another simpler embodiment, following the verifications, the TEE does not remove the second encryption (does not carry out the operation DecHE2): Following the verifications performed in step S34b (or even without carrying out these verifications), the TEE computes a signature of the result a([z″]2) (step S0931b) then returns the result [z″]2 and its signature a([z″]2) to the server. This consists of bypassing steps S0936 and S0931: this method is illustrated by the dotted arrow on the right-hand section of
Advantageously, in this implementation, the data exchanged between the client and the server are not encrypted homomorphically.
The verifications only relate to elementary operations, which are generally simple (for example: a multiplication). Hence, the second encryption may not be fully homomorphic (in that an encryption making it possible to perform an arbitrary number of successive additions and multiplications i.e. arbitrary multiplicative depth would be referred to as fully homomorphic encryption). Thus for example, a second encryption which is a homomorphic encryption of depth 1 (or of any finite depth) can be used in this implementation.
In this implementation, the verifications performed make it possible to prove, step by step, that all the ciphertexts handled during the computing operations are either computed by the TEE (which, as the owner of the secret second encryption key, is not an attacker for the second encryption), or computed during legitimate homomorphic computing operations performed on ciphertexts computed by the TEE (in the ‘Proof’ dotted rectangle in
The 10th implementation will now be described with reference to
Advantageously, as the Paillier schema intrinsically provides security against CCA attacks, it is no longer necessary in this implementation to use signature and signature verification operations as in the implementation described by
This 10th implementation is based on the Paillier ciphertext multiplication method described in document Ref.3. and summarised briefly hereinafter:
It is considered that there is a mask b previously generated at random in ZN.
An initial data item (or message) m is considered. using this data item m and the mask b, a ciphertext CF is defined, with reference to the authors Catalano and Fiore of Ref.3, annotated [m,b]CF, as follows:
where EncP, also annotated [.]P, denotes the Paillier encryption function.
Let us now consider two ciphertexts CF, namely the pair [m,b]CF=(m-b;EncP(b)), also annotated (c0,c1), and the pair [m′,b′]CF=(m′-b′;EncP(b′)), also annotated (c′0,c′1).
The intermediate variables a1, a2 and a3 are defined by the equations:
a1=EncP(c0×c′0 mod n);a2=c1c′0 mod n2;a3=c′1c0 mod n2.
Using these variables a1, a2 and a3, the product of the two ciphertexts CF is then defined by the triplet (a1a2a3 mod n2; c1; c′1)=(c″0; c″1; c″2).
It is easily verified that c″0 is indeed equal to the ciphertext under Paillier encryption of the product mm′-bb′. The product of the two ciphertexts CF therefore equals:
This operation therefore makes it possible to carry out a form of multiplication of the two initial ciphertexts CF, on the basis of the Paillier additive homomorphic cryptosystem.
However, the result obtained by this multiplication is a triplet: the triplet (c″0, c″1, c″2), and not a ciphertext CF (a pair), like the initial data. The multiplication operation therefore cannot follow each other directly because a multiplication operation expects ciphertexts CF and not triplets as an input.
The computing method according to the present disclosure will make it possible to overcome this problem by delegating the reconversion of the triples into ciphertexts CF to the TEE. This operation is a support function, because it contributes to computing under homomorphic encryption by the server.
During step S1 (S1001), the data item m undergoes two successive masking encryption operations: a first masking EncM11, during which a mask p is applied to the data item x; followed by an additional masking EncM12 (additional encryption) during which a mask a is applied to the data item x+p: this gives [m]11,12=m+μ+a.
During step S2 (S1002), the encrypted data item m+μ+a is sent to the TEE.
In a step S1030, the TEE removes the mask a (the additional encryption) and obtains the data item under first encryption m+μ.
In parallel, the TEE generates a mask b, and computes a Paillier ciphertext [b]P of this mask (step S1031P).
These two latter elements, as well the data item under first encryption x+p are then combined to form a ciphertext CF (m+μ−b;[b]P) in step S31 (S1031).
Moreover, the server supplies an input data item y for the computing. It masks it by adding a mask μ′ and obtains a ciphertext under first encryption Enc11: [y]11=y+μ′ (step S1001a).
In parallel, the TEE generates a mask b′, and computes a Paillier ciphertext [b′]P of this mask (step S1031P also).
These two latter elements, as well the data item under first encryption y+p are then combined to form a ciphertext CF (y+μ′−b′;[b′]P) in step S31 (S1031).
In this example, the two ciphertexts CF (x+p−b;[b]P) and (y+p′−b′;[b′]P) are computed and sent to the server in step S32 (S1032) for carrying out elementary computing operations.
During the implementation of the computing method according to the present disclosure, these operations are carried out as follows.
It is considered that the elementary operations to be carried out by the server are either additions, or multiplications. These two cases are treated differently.
On one hand, in respect of additions, the server can successively carry out any number of addition operations (because the addition operation does not have the drawback described above, so as to supply a triplet and not a ciphertext CF as an output; for more details on this operation, refer to document Ref.3).
Conversely, multiplication operations are carried out as follows, illustrated by
To carry out a multiplication operation between two data items m and m′, it is assumed that the TEE has two ciphertexts of these data, under first encryption Enc11:
These ciphertexts can be for example data supplied by clients such as the data item m+μ of
The TEE supplies two masks b and b′, and the Paillier ciphertexts [b]P and [b′]P of these masks (step S1031P or S1131P).
The TEE then computes the ciphertexts CF of the two ciphertexts to be multiplied (step S1031 or S1131, which represent the same step). These ciphertexts CF are therefore presented in the form of two pairs (m+μ−b;[b]P) et (m′+p′−b′;[b′]P). Here the masks μ and μ′ are known to the server but indecipherable by the TEE. The encryption CF, which constitutes the second encryption, is indecipherable by the server.
The TEE sends the ciphertexts CF to the server (step S1032 or S1132).
The server removes the first encryption Enc11 by removing the mask μ, μ′ from each of the ciphertexts in step S33 (S1133).
The server then carries out the multiplication operation between ciphertexts CF described by the algorithm proposed by document Ref.3 (step S1134). Following this operation, the server obtains the triplet ([mm′-bb′]P;[b]P;[b′]P).
The server then encrypts the triplet by adding a mask μ″ to the 1st term of triplet thanks to the additive homomorphism property of the Paillier encryption schema (step S1134a). It then sends the result obtained (mm′-bb′+μ″;[b]P;[b′]P) to the TEE.
The TEE removes the encryption from the three ciphertexts under Paillier encryption (step S1136). It obtains (mm′-bb′+μ″,b,b′) and can thus compute:
The multiplication product mm′ thus remains under first encryption, such that the TEE does not know the value of this product.
As in the general case of the 9th implementation, the processing performed by the TEE is not the same if all the elementary operations have been carried out and the current loop is the last loop of index j=N, or not, in which case at least one computing loop (j<N) remains.
In the first case, i.e. if j=N, the result obtained following step S1136 is also the computing result, under first encryption:
In this case, this encrypted result undergoes the operations of steps S1137 and S4 as in the general case of the 9th implementation (
In step S4, the client CL1 successively removes the additional encryption (applies the function DecM12), then removes the first encryption (applies the function DecM11), which makes it possible to obtain the result sought F(x).
Conversely, if there are one or more elementary operations remaining to be performed (j<N), the TEE generates a new mask b″, and computes a Paillier ciphertext [b″]P of this mask (step S1131P). The mask b″ and its ciphertext [b″]P are then combined with the ciphertext mm′+μ″ so as to obtain a ciphertext CF (step S31). The pair (mm″+μ″−b″; [b″ ]P) is then re-sent to the server: the computing operations can then be continued for the next iteration on the basis of this pair as an input and another value with which it is to be multiplied, and so on.
This 10th implementation has the benefit, with respect to the 9th implementation, of not needing the signature operations provided in the latter case.
Number | Date | Country | Kind |
---|---|---|---|
FR2314913 | Dec 2023 | FR | national |